CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2014-0625 – RSA BSAFE SSL-J DoS / Disclosure
https://notcve.org/view.php?id=CVE-2014-0625
17 Feb 2014 — The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption) by triggering application-data processing during the TLS handshake, a time at which the data is internally buffered. La implementación SSLSocket en las APIs (1) JSAFE y (2) JSSE en EMC RSA BSAFE SSL-J 5.x anterior a 5.1.3 y 6.x anterior a 6.0.2 permite a atacantes remotos causar una denegación de servicio (consu... • http://archives.neohapsis.com/archives/bugtraq/2014-02/0061.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2014-0626 – RSA BSAFE SSL-J DoS / Disclosure
https://notcve.org/view.php?id=CVE-2014-0626
17 Feb 2014 — The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TLS handshake, a time at which the data is both unencrypted and unauthenticated. Las APIs (1) JSAFE y (2) JSSE en EMC RSA BSAFE SSL-J 5.x anterior a 5.1.3 y 6.x anterior a 6.0.2 facilitan a atacantes remotos evadir mecanismos de protección criptográfica mediante el aprovecha... • http://archives.neohapsis.com/archives/bugtraq/2014-02/0061.html • CWE-310: Cryptographic Issues •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2014-0627 – RSA BSAFE SSL-J DoS / Disclosure
https://notcve.org/view.php?id=CVE-2014-0627
17 Feb 2014 — The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state. La implementación API SSLEngine en EMC RSA BSAFE SSL-J 5.x anterior a 5.1.3 y 6.x anterior a 6.0.2 permite a atacantes remotos provocar la selección de una suite de cifrado débil mediante el uso del método Wrap durante cierto estado del handshake incompleto. RSA BSAFE SSL-J v... • http://archives.neohapsis.com/archives/bugtraq/2014-02/0061.html • CWE-310: Cryptographic Issues •